Hackers On The Rocks

Gabriel González-García sips on a cold brew coffee and explains fault injection.

Today’s episode dives into hardware hacking at the transistor level, where attackers manipulate the laws of physics instead of software bugs. Gabriel walks us through his research on applying electromagnetic fault injection (EMFI) to DJI drones and using precisely timed electrical pulses to flip bits, bypass protections, and extract secrets from com...

Adam sips on a Rusty Nail and explains threat modeling.Today’s episode tackles the reality of deciding what’s actually worth protecting. Our guest, longtime researcher and open source developer Adam, walks us through how password managers can still leak secrets, why writing passwords on paper isn’t always reckless, and how VPNs simply shift trust from one provider to another. We explore live “war-game” scenarios from hotel Wi-Fi to...

Erin (Acorn) sips on a Last Word cocktail and explains systems and security design

Today’s episode dives deep into the world of automotive hacking. Our guest, researcher Erin (aka Acorn), walks us through the fundamentals of car security: CANbus networks, OBD-II ports, and why cars are basically “rolling industrial control plants.”We explore how low-cost tools and junkyard parts can open the door (literally) to learning embedded...

Yael Grauer drinks Empress Southside while walking us through data colletion, OSINT, and privacy concernsWhat happens when your personal data is scattered across the internet and anyone can find it? This week, we shake up an Empress Southside with Yael Grauer and dig into the world of OSINT and privacy. From voter rolls to real estate records, Yael shows how data brokers collect, connect, and cash in on your information, and why “o...

Slava Moskvin drinks radler while walking us through null　pointer dereferencingWhat happens when your code points to nothing and then tries to use it? This week, we crack open a Radler with Slava Muskin and crash into the world of null pointer dereference vulnerabilities. From industrial switches to the Linux kernel’s SMB stack, Slava shares how a single uninitialized pointer can bring down entire systems. We talk root causes, real...

Olivia Gallucci drinks White Monster while walking us through return-oriented programming

Milliseconds matter. In this episode, we crack open a White Monster with Olivia Galuchcci and dig into TOCTOU attacks: Time-of-Check to Time-of-Use. These race condition vulnerabilities exploit tiny windows in logic, letting attackers escalate privileges, hijack processes, and sneak malicious payloads past your code’s defenses. Olivia share...

Dane Brown drinks Jamaican Rum Punch while walking us through return-oriented programming

What if you could launch an attack without writing a single line of code? This week, we pour up a proper Jamaican rum punch with Dr. B Hacking and unpack Return-Oriented Programming, which is an old-school exploit technique still alive and kicking in the age of ASLR and NX. From stack smashing to chaining gadgets with surgical precision, this e...

Robel Campbell drinks a Blue Moon and peels back the layers of modern exploitation through shellcode

Shellcode isn’t malware: it’s the crowbar that opens the door. In this episode, we sit down with Roel Campbell to decode what shellcode actually is, how it works, and why attackers still use it in an era of modern EDRs and OS-level protections. From return-oriented programming to kernel-space rootkits, Roel walks us through evasion s...

Katie Moussouris sips on organic super greens, fruits & vegetables and explains vulnerability research workforce.

Bug bounties, vulnerability disclosure, and the economics of exploits: this episode is a potent blend of technical depth and sharp perspective. We sit down with Katie Moussouris, a pioneer in vulnerability research and founder of Luta Security, to unpack the lifecycle of elite hackers, why burnout hits at year seven,...